package com.fwx.controller;

import com.fwx.vo.R;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * @program: springsecurity01
 * @description:
 * @author: 范文轩
 * @create: 2024-07-27 10:06 
 **/
@RestController
@RequestMapping("/user")
public class UserController {
    
    @GetMapping("/info")
    public Authentication info(){
        // 获取SecurityContext对象
        SecurityContext context = SecurityContextHolder.getContext();
        // 把用户得到的信息封装到Authentication类中--用户名--角色以及权限--状态
        Authentication authentication = context.getAuthentication();
        UserDetails principal = (UserDetails) authentication.getPrincipal();
        return authentication;
    }
    
    @PreAuthorize("hasAnyAuthority('user:add')")
    @GetMapping("/insert")
    public R insert(){
        return new R(200,"添加成功",null);
    }

    @PreAuthorize("hasAnyAuthority('user:query')")
    @GetMapping("/select")
    public R select(){
        return new R(200,"查询成功",null);
    }

    @PreAuthorize("hasAnyAuthority('user:update')")
    @GetMapping("/update")
    public R update(){
        return new R(200,"修改成功",null);
    }

    @PreAuthorize("hasAnyAuthority('user:delete')")
    @GetMapping("/delete")
    public R delete(){
        return new R(200,"删除成功",null);
    }
    
    @PreAuthorize("hasAnyAuthority('user:export')")
    @GetMapping("/export")
    public R export(){
        return new R(200,"导出成功",null);
    }
}
